Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(853)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/lookup.cc

Issue 1587633002: LookupIterator should find private symbols on JSProxies (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: updates Created 4 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | src/objects.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/lookup.cc
diff --git a/src/lookup.cc b/src/lookup.cc
index 1ffd888350bda9c46c8b5b6de434edb4d8d74db0..48da4fabeea4eff3db524976b3e177bc1b5c8aab 100644
--- a/src/lookup.cc
+++ b/src/lookup.cc
@@ -270,23 +270,27 @@ void LookupIterator::ApplyTransitionToDataProperty() {
void LookupIterator::Delete() {
- Handle<JSObject> holder = Handle<JSObject>::cast(holder_);
+ Handle<JSReceiver> holder = Handle<JSReceiver>::cast(holder_);
if (IsElement()) {
- ElementsAccessor* accessor = holder->GetElementsAccessor();
- accessor->Delete(holder, number_);
+ Handle<JSObject> object = Handle<JSObject>::cast(holder);
+ ElementsAccessor* accessor = object->GetElementsAccessor();
+ accessor->Delete(object, number_);
} else {
PropertyNormalizationMode mode = holder->map()->is_prototype_map()
? KEEP_INOBJECT_PROPERTIES
: CLEAR_INOBJECT_PROPERTIES;
if (holder->HasFastProperties()) {
- JSObject::NormalizeProperties(holder, mode, 0, "DeletingProperty");
+ JSObject::NormalizeProperties(Handle<JSObject>::cast(holder), mode, 0,
+ "DeletingProperty");
holder_map_ = handle(holder->map(), isolate_);
ReloadPropertyInformation();
}
// TODO(verwaest): Get rid of the name_ argument.
- JSObject::DeleteNormalizedProperty(holder, name_, number_);
- JSObject::ReoptimizeIfPrototype(holder);
+ JSReceiver::DeleteNormalizedProperty(holder, name_, number_);
+ if (holder->IsJSObject()) {
+ JSObject::ReoptimizeIfPrototype(Handle<JSObject>::cast(holder));
+ }
}
}
@@ -413,8 +417,8 @@ bool LookupIterator::InternalHolderIsReceiverOrHiddenPrototype() const {
Handle<Object> LookupIterator::FetchValue() const {
Object* result = NULL;
- Handle<JSObject> holder = GetHolder<JSObject>();
if (IsElement()) {
+ Handle<JSObject> holder = GetHolder<JSObject>();
// TODO(verwaest): Optimize.
if (holder->IsStringObjectWithCharacterAt(index_)) {
Handle<JSValue> js_value = Handle<JSValue>::cast(holder);
@@ -426,12 +430,14 @@ Handle<Object> LookupIterator::FetchValue() const {
ElementsAccessor* accessor = holder->GetElementsAccessor();
return accessor->Get(handle(holder->elements()), number_);
} else if (holder_map_->IsJSGlobalObjectMap()) {
+ Handle<JSObject> holder = GetHolder<JSObject>();
result = holder->global_dictionary()->ValueAt(number_);
DCHECK(result->IsPropertyCell());
result = PropertyCell::cast(result)->value();
} else if (holder_map_->is_dictionary_map()) {
- result = holder->property_dictionary()->ValueAt(number_);
+ result = holder_->property_dictionary()->ValueAt(number_);
} else if (property_details_.type() == v8::internal::DATA) {
+ Handle<JSObject> holder = GetHolder<JSObject>();
FieldIndex field_index = FieldIndex::ForDescriptor(*holder_map_, number_);
return JSObject::FastPropertyAt(holder, property_details_.representation(),
field_index);
@@ -506,20 +512,21 @@ Handle<Object> LookupIterator::GetDataValue() const {
void LookupIterator::WriteDataValue(Handle<Object> value) {
DCHECK_EQ(DATA, state_);
- Handle<JSObject> holder = GetHolder<JSObject>();
+ Handle<JSReceiver> holder = GetHolder<JSReceiver>();
if (IsElement()) {
- ElementsAccessor* accessor = holder->GetElementsAccessor();
- accessor->Set(holder->elements(), number_, *value);
+ Handle<JSObject> object = Handle<JSObject>::cast(holder);
+ ElementsAccessor* accessor = object->GetElementsAccessor();
+ accessor->Set(object->elements(), number_, *value);
} else if (holder->IsJSGlobalObject()) {
Handle<GlobalDictionary> property_dictionary =
- handle(holder->global_dictionary());
+ handle(JSObject::cast(*holder)->global_dictionary());
PropertyCell::UpdateCell(property_dictionary, dictionary_entry(), value,
property_details_);
} else if (holder_map_->is_dictionary_map()) {
NameDictionary* property_dictionary = holder->property_dictionary();
property_dictionary->ValueAtPut(dictionary_entry(), *value);
} else if (property_details_.type() == v8::internal::DATA) {
- holder->WriteToField(descriptor_number(), *value);
+ JSObject::cast(*holder)->WriteToField(descriptor_number(), *value);
} else {
DCHECK_EQ(v8::internal::DATA_CONSTANT, property_details_.type());
}
@@ -611,8 +618,7 @@ LookupIterator::State LookupIterator::LookupInHolder(Map* const map,
case NOT_FOUND:
if (map->IsJSProxyMap()) {
// Do not leak private property names.
- if (!name_.is_null() && name_->IsPrivate()) return NOT_FOUND;
- return JSPROXY;
+ if (IsElement() || !name_->IsPrivate()) return JSPROXY;
}
if (map->is_access_check_needed() &&
(IsElement() || !isolate_->IsInternallyUsedPropertyName(name_))) {
@@ -668,7 +674,7 @@ LookupIterator::State LookupIterator::LookupInHolder(Map* const map,
if (cell->value()->IsTheHole()) return NOT_FOUND;
property_details_ = cell->property_details();
} else {
- NameDictionary* dict = JSObject::cast(holder)->property_dictionary();
+ NameDictionary* dict = holder->property_dictionary();
int number = dict->FindEntry(name_);
if (number == NameDictionary::kNotFound) return NOT_FOUND;
number_ = static_cast<uint32_t>(number);
« no previous file with comments | « no previous file | src/objects.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698